It’s not science fiction. Giant networks of zombie computers are poised to unleash massive destruction on the Internet. You’ve read about it right here in eWeek (see “Thwarting the zombies” by Dennis Fisher, from the March 31 issue). There are other causes for concern: In this space last week, my colleague Timothy Dyck detailed a litany of root-level vulnerabilities that came to light in March alone; and worm activity has increased tenfold this year. But what bothers me most is a strong sense of déjà vu. Every year bad things happen for security, calls are made to improve security infrastructure and patching practices, and for each step forward, there are two steps back. Threats aren’t worse because attackers have gotten smarter. It’s either that system administrators have gotten lazier or are overworked due to layoffs or both. In most cases, the big security problems you read about every day are simply due to crackers taking advantage of old problems in tens of thousands of unpatched systems for which patches have been available for months or years. So what’s the solution? I think it’s time to use the worms’ tactics against them and build good worms that fix problems. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.